back to article Anonymous wants DDoS attacks recognized as speech

The loosely organized hackers of Anonymous don't just launch distributed denial-of-service attacks for the lulz. They do it to send a message, which is why they've petitioned the Obama administration to recognize DDoS as a legal form of protest. The petition, which was filed on the White House's We the People website, argues …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

Find out who signed the petition ......

... then go and ring their doorbell repeatedly and continuously. They'll understand and respect your position.

33
4
Silver badge
Facepalm

Re: Find out who signed the petition ......

"Your honour, I was only expressing my right to free speech through the medium of hitting 'im repeatedly with my fist. I have always found that knocking people down is a good way of making sure my points are heard"

2
5
Silver badge

Re: Find out who signed the petition ......

"... then go and ring their doorbell repeatedly and continuously. They'll understand and respect your position."

Nah , it'll just piss off his parents.

7
0

@dotdavid

I thought it would be better to convey your free speech through the line "Stop hitting yourself"

1
0
Silver badge

One essential flaw with this reasoning...

A protest, done decently, is based on a two way communication; the protest group makes their opinion heard (which obviously opposes another opinion) but normally (should) always allows the opposition to make their voice heard as well. When done right a protest may end in a debate which might eventually help to bring both parties together.

DDoS on the other hand does not allow for such situations considering how it totally renders the website of the opposition useless. In my opinion its hardly a form of protest but instead takes more the form of total oppression: "We don't like what your website has to say so we're taking it out completely".

It doesn't matter on which "side" you are; fact remains that one party totally takes away the voice (or online capabilities) of the other.

And although I agree that it may fall within the definition of a protest ("A statement or action expressing disapproval of or objection to something.") one should have at least a some bit of common sense to realize that you can't use that to justify every take of action; there are limits.

19
3
Bronze badge
Go

Re: One essential flaw with this reasoning...

Pretty much what I would have put about this one. The other difference between a protest, assuming it was immediately outside the disputed organisation, is that it doesn't stop the on-going business of that organisation. Where protestors do attempt to stop BAU they are arrested and prosecuted... pretty well what seems to happen to anonymous.

In summary they aren't asking for Freedom of speech, more Freedom of Censorship.

2
2
Anonymous Coward

Re: hardly a form of protest but instead takes more the form of total oppression

So, exactly like the Occupy Protests then!

0
3

Re: One essential flaw with this reasoning...

Not only that, a DDoS attack is 1 person using thousands of other people's computers to talk for him. It's not 1000s of people protesting. It's not totally different from the 3/5th law we had in the US during our slavery period.

0
0
Thumb Down

Here's some free speach

Fuck off

15
3
Anonymous Coward

Re: Here's some free speach

Indeed. If you've been on the receiving end of their "free speech" recently, you quickly lose any sympathy with their supposed causes.

Anon...for the irony.

1
1
g e
Silver badge
Holmes

Re: Here's some free speach

Even if it's bombed into you via several tons of democracy TNT ?

1
0
Silver badge
Flame

Let me get this straight

What Anonymous wants, in essence, is the right to take down my websites, destroy my business and my livelihood resulting in me having to lay off my staff, whose own livelihoods are then ruined, with absolutely no recourse for myself to prosecute those responsible.

And all on the say-so of some shitbrained little internet vigilante who might mistake my business for some other arsehole's scam, with no trial, no evidence, just hearsay on some Twitter feed?

You can fuck that idea off right bloody now.

24
3
Silver badge
Stop

Re: Let me get this straight

You forgot the part where the expressed goal it to prevent you from exercising your free speech because it's an inconveniently contrary idea from their's.

Anyone who thinks DDOS is a form of speech is a hypocrite of the highest order.

0
0
Silver badge
Stop

If DDoS is freedom of speech, then email spam must be too.

And I have the right to set a bulldozer in your driveway in the morning, so you can't get out of the garage and go to work!!

On second thought, I think Anonymous is full of crap....

4
1
Anonymous Coward

Re: If DDoS is freedom of speech, then email spam must be too.

I think this sort of thing means freedom can never be complete, because sometimes the exercise of that freedom will impinge on another's freedom. You might be left with something resembling the Wiccan Rede "An it harm none, do what thou wilt"... except that if a protest really does harm none, it is easily ignored.

3
1
Silver badge

Re: If DDoS is freedom of speech, then email spam must be too.

Actually you can make a better argument that SPAM is a form of free speech than that DDOS is.

SPAM at least meets the criteria that it is communicating. Where it falls down is that it forces the recipient to pay for the speech, which is not permissible under classical property rights concepts. And if you throw out the private property rights it still falls under the problem of the free commons.

1
1
Alien

Legal protest or Zombie Apocalypse?

Being that most of the owners (the people that actually bought the hardware, not the l337 h4x0rs that hijacked them) of the machines that at "sitting in" are unaware that they're doing it.

This is less like and organised group of people occupying a location, and more like the the evil wizard sending his army of minions to attack.

3
0
Silver badge

Re: Legal protest or Zombie Apocalypse?

Yeah pretty much my first thought:

argues that DDoS "is not a form of hacking in any way" and that it's really not much different than repeatedly hitting the refresh button in your web browser, albeit on a much larger scale

Not hackng in any way - true - but definitely different to hitting the refresh button in your browser, especially if some of the participants are part of a botnet, or are compromised servers.

What they're saying could - almost - be a fair point, if every participant was sat at their own machine, using their own machines resources. That's not what happens though, and it also fails to address the points others have made, like the inability to have a two-way conversation with the protestors.

0
0
Silver badge
Black Helicopters

You can protest outside the local grocery store.

But you're going to jail if you drive your truck through the store's front door as a means of keeping the shoppers out. And in fact, many members of Anonymous have gone to jail recently for doing exactly that with their ion cannons. Guess it all sort of works itself out in the end.

2
0
Trollface

Re: You can protest outside the local grocery store.

Except for the internet is not a big truck...

1
1
Trollface

Re: Except for the internet is not a big truck...

Of course not, as any fule no, th internet is a series of tubes...

0
0
Bronze badge

should be allowed

Continuously pressing F5 while visiting a website I mean. Heck, even tee up a time with your friends after school and have an F5 party

Using an automated tool to send malformed packets in short time is not free speech. It is simply the denial of someone else's, even if they are sick bastards protesting at childrens' funerals.

4
0
Windows

F5 parties

..should I bring wine?

2
0
Anonymous Coward

Re: should be allowed

One is a form of protest, the other is the equivalent of hiring a load of cheap labour to protest on your behalf. One placard vs 100 being waved by mexicans earning $1 per hour.

0
0
Silver badge

Re: F5 parties

"..should I bring wine?"

A nice crisp white? That would be refreshing.

0
0
Silver badge

Re: should I bring wine?

No, cheese. There will be plenty of whine already.

2
0
Bronze badge

Re: F5 parties

"should I bring wine?"

You could if you really need IE. I would just use Firefox personally. Then you don't need it.

0
0
Anonymous Coward

Having spent...

...a significant amount of time and money blocking one of their DDoS attacks last year, then respectfully, no.

4
1
Anonymous Coward

Re: Having spent...

Yeah I always feel particularly aggrieved when I have to deal with a DDoS, it's just so damn sophisticated. It's like wanting to play chess but finding the opponent only has the capacity to flick tiddliwinks.

It's as depressing as finding a web-based backdoor has been installed on a system, a sophisticated attacker could have (potentially) used it to compromise the system, but the thick-as-two-planks attacker clearly didn't know how and has simply defaced a page instead.

Don't get me wrong, I don't want our customer's servers to get hacked, but a complete lack of sophistication does say bad things about the technical understanding of today's spotty oiks.

1
0

Re: Having spent...

Defacing rather than doing more serious damage could simply mean "we want to let you know your system is insecure, but we don't want to kill you."

2
0
Silver badge

Re: Having spent...

Honestly,

you owe them no respect.

0
0

Luckily 25,000 signatures required

So far 841 have signed this petition. This explains why such a high threshold is set to weed out such blatant nonsense.

0
0
Anonymous Coward

Re: Luckily 25,000 signatures required

"Anonymous we are legion" - actually it appears not, a (Roman) Legion was about 6000 men, but it appears to be only 830 of Anonymous according to this petition.

Its probably a fairly accurate figure too - I mean a group that can get thousands of idiots to become a willing botnet must also be using the same jedi mind control techniques to get votes for this petition.

As myth busters say.... busted!

Anon because as others have pointed out, just for the lolz

0
0
Happy

Re: Luckily 25,000 signatures required

Not to worry. I'm sure someone will release a tool soon enough that lets Anonymous use a bonnet to sign the petition tens of thousands of times per second from large numbers of different IP addresses...

1
0
Silver badge

I suspect that the anonytwat's perception of freedom of speech ...

... ends roughly when someone anonymously smack them personally in the gob.

Tearing down infrastructure not owned personally, by you, is not freedom of speech. It is vandalism. And the 99% are getting really, really sick of you 1 percenters vandalizing our IntraWebTubes space.

1
2
Anonymous Coward

Re: I suspect that the anonytwat's perception of freedom of speech ...

Were in not for the rest of the damage it would do to society, it might be interesting to pass their petition.

And then watch with the popcorn bowl as all the major corporations began coordinated DDOS attacks on Anon resources across the globe. Because revenge is a dish best served with a buttered popcorn.

1
0
g e
Silver badge
FAIL

Now, I agree in principle if...

Every machine contributing to the DDOS actively chose to via its owner clicking 'Join in the DDOS' which is what LOIC does IIRC...

A zombie botnet used for DDOS does not have the explicit consent of its owner to contribute to the attack, therefore it's akin to someone stealing their voting slip and voting on their behalf in a way they would not choose to.

Therefore not free speech, a rigged vote. Which is illegal.

4
1
Devil

DDOS attacks....

Yeah it has SOME merit, sometimes, but overall, aside from attacking relevant causes, and knocking spammers offline etc., it generally is little more than an a brief annoyance.

"Oh Oh Oh we jammed a christmas cake up the FBI's arse! Golly Gosh!"

I hear the ways to bypass a DDOS attack are pretty easy though.

1
0

Re: DDOS attacks....

Easy...yes.

Cheap...no. If it's done right.

You need to pay for the upstream filtering at the ISP, configure the rule scenarios and then there's the DNS re-direction and hosting to consider. The things you can do locally (rule-based request filtering, window resizing, run site in no graphics/maintenance mode, etc) only take you so far. They won't protect you from 50gbits of layer 2/3 traffic - 100,000 SYN-ACK/ACK's (or RST's) per second still adds up, and chances are the CLOSE_WAITS alone will kill your server.

1
0
Silver badge

Their analogy is flawed

I support the right to protest: to go somewhere, be noisy and make your point of view as one of a group. If you believe something - stand up, be seen, be heard and be counted.

DDOS: let me see...

Do we know who is behind the protest ? No: the DDOSers have typically hijacked others' machines.

Do I (as a visitor to the web site) know what it is about ? No: all that I know is that the site is slow.

Can we count the protestors ? No: they aren't using their machines, we do not know who they are.

Having an analogue of a street protest is difficult in cyberspace, most people who visit the site just won't know. So what can we do:

* Insist that all web sites have a link to whoever wants to say something about them ? Not practical; Apple knows how to avoid this (until the court finally kicked them hard enough).

* Permit sites with domains like XxxSucks.org that will show up in google. Yes - that is as close as I can think, these must be protected from being taken down by Xxx.

2
0
Bronze badge
Childcatcher

Re: Their analogy is flawed

I agree that their argument is flawed, but not for the reasons you give. Having to physically be somewhere to exercise your right to free speech, which is what your point concerning protest actually goes to, would restrict the exercise of free speech more than it already is (or should be). The argument should not be whether or not a DDoS is a valid form of protest. Rather, it should be if it constitutes an exercise of free speech. Should anonymous (small A) speech be protected? The answer, I feel, is not an absolute Yes or No, but more depends on the situation.

At first blush, while I do not like the idea of a DDoS, I can see that it might be viewed as an exercise in free speech with the caveat that it cannot be implemented with hijacked machines. Proving this is not the case... I am glad I am not writing the legislation on this.

Finally, the potential for abuse by a competitor is problematic. Even if a DDoS is deemed a valid exercise of free speech, this possibility seems an obvious outcome of legalizing the practice as a form of protest.

0
0
Pint

How about a halfway point?

DDOS is legal, so long as youre only using people at a keyboard hitting refresh. Want to take down a company? Use an army of people so youre showing a significant number of dedicated protesters.

Using software dedicated to doing this is more akin to building a wall around a building- it'll stay up forever and the people can wander off so arent actively taking part of the protest- which would be illegal.

0
1
Joke

This is why we can't have nice things!

0
0

I'm for it..

Assuming each IP == 1 person intentionally taking part than I am totally for this type of thing. Even if its automated.

To me automating it is the same as bringing a chair to a sit in. Even while protesting there is no reason you can't be comfortable. I also think that in most cases it is okay to totally disrupt a place of business. When you go on strike do you allow anyone to enter your factory?(although I'm sure many of you will disagree)

Using a botnet however would be very wrong, and is in itself illegal even if the botnet isn't used for ddos.(breaking into computers and all that)

Just as with normal strikes I imagine that if this ware to ever become law there would of course be some constraints. For instance: blocking a hospital(or its online equivalent of ddosing emergency services) is generally frowned upon.

Its probably also worth mentioning that pre 2000 this was totally legal (or at the very least never went to court, floodnet comes to mind. The old documentary "hackers in wonderland" makes some nice references to it.)

Full disclosure: My datacenter gets hit with a 20Gbit ddos pretty much every day all day. About once a month it peaks to 60Gbit for a short while and I'll have some connectivity problems but that never lasts very long. But this is from one or two individuals with a botnet, not a protest. So despite feeling the effects of this sort of thing on a daily basis I still approve of ddos as a form of protest.

2
1
Law
Paris Hilton

But normally the protesters WANT to protest...

... whereas DDOS attacks are normally done through compromised machines against the will of the owner of that machine - at the will of a handful of eejits these "protesters" are being included in a protest they know nothing about.

Basically... doing Occupy their way would involve 3 or 4 people deciding they needed to protest against something - then in masks going out and rounding up grannys, kids and dumb people from around the world - transporting them to the company at no cost to them, while the victims (grannys, kids etc) thrashed about confused as to what was going on.

Once at the building, they use multiple trebuchets to launch these people at the front door until nobody else can get past them or security opens another entrance or two.

0
0
Joke

Re: But normally the protesters WANT to protest...

I would be willing to pay a small amount of money to see a flash animation depicting exactly this.

It is worth pointing out that some of the highest profile anonymous attacks ware mostly individuals and not botnets. Those that got arrested and convicted for their participation in a ddos attack ware the ones that did it from their home network where 1 IP was 1 individual.

There was very little chance of catching those that used a botnet, so if this becomes a law or not it will never stop botnets.

But it will in my opinion give a voice to those that are generally upset about something without going to jail instead of only giving a voice to those that are willing to get arrested or those smart enough to cheat.

1
0
Facepalm

Anonymous?

CREATOR OF PETITION

Dylan K

Eagle, WI

January 07, 2013

Signature # 1

D0x, Mentlegen.

Sincerely, a cow herd.

1
0
Stop

Rather than making it legal...

I'm for downgrading it to a petty crime - one that gets a warning, then a fine or community order. Currently the upper level of punishment is higher than someone caught driving without a license, drink driving, drug possession, common assault, public indecency, petty theft, shoplifting, disorderly conduct etc...

All those lesser crimes actually affect real people and can cause significant injury, loss and pain. A DDOS in contrast may affect a business (if it's primary income is web-based), but no more than a common IT glitch would - well run businesses, particularly corporations, design for fault-tolerance and make fail-over plans for that.

The problem is that law-makers still think computers are magical things from the 80's that enable teenagers to hack into government defence systems and launch nukes all over a simple modem. Those in the fear industry know that can strap "cyber-" onto the front of any threat to elevate it to a much worse situation than it actually is.

This is why people are so confused when it comes to DDOS attacks, and sadly I see a few commentards here, under the impression that it involves hacking into a website and causing damage - when actually it's sending the equivelant of many multiples of 'visits' to the website - no intrusion needed.

The actual real-life equivalent is not blocking an entrance to a business. It's sending 1000's of people to browse a store with no intention of buying, preventing genuine shoppers from physically getting in for a few hours.

The real-life equivalent is a semi-malevolent flash-mob.

1
1
Silver badge
FAIL

Re: Rather than making it legal...

As a DDOSer you are not making a point, you are not conveying an idea, you are not trying to say anything. What you are doing is making sure they I cannot say what I have to say. THIS IS NOT SPEECH, it's sole purpose it to deny the victim speech.

A flash mob may raise awareness. Normally someone will be explaining what it is all about, or have signs or some-such. A DDOS does not, because the users only see the site is slow. They do not understand your point BECAUSE YOU ARE NOT MAKING ONE.

We are not saying you have "mad haxzoring skillz" we are saying you are being destructive and disruptive to other's speech rather then taking the proper approach and legitimately speaking out, arguing what is wrong with your victim.

I have mitigated these types of attacks. The last one I did was not Anon, but the attack was much the same. It can be done, but it is expensive to do. Us in the real world are incurring costs because... well... I haven't figured out why. It's certainly not so you can speak your mind, because you aren't. If you wanted to you could put up a youtube video, or even your own web-site if you wanted.

Your goal is not the message, it is to cause harm. To be honest, I think the punishment isn't severe enough. I take speech vary seriously, even for those who have things to say I don't like. I would never harm their ability to speak their mind. It's a shame the fascists in anonymous fail to understand that.

0
0
Anonymous Coward

Typical

ASSnonymous needs to pull their heads outta their arses and get in touch with reality.

Why not make all crimes "legal" so that those who can't live within the laws of society and who attack others and cost them monetary losses, are free to abuse all? Frigging idiots best describes ASSnonymous.

0
0

Page:

This topic is closed for new posts.

Forums